https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167290#M875968 <HTML><HEAD></HEAD><BODY><P>A host residing on an interface can only ping its adjacnet ASA interface.It cannot ping the far end</P><P>interface of ASA. For example if you have a host on inside, this host can only ping the</P><P>inside interface of ASA and no other interface (eg: outside or dmz). Although the Hosts connected to "Far end interfaces" can be pinged, "Far end interface" cannot be pinged by a host . This is a security feature on ASA firewalls.</P><P></P><P>Syed Iftekhar Ahmed</P><P></P></BODY></HTML> Mon, 23 Feb 2009 08:11:32 GMT Syed Iftekhar Ahmed 2009-02-23T08:11:32Z https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167288#M875966 <P>Hi,</P><P>I have just configured my brand new ASA 5510 with ASA Version 8.0(4). i am having a little problem that is: i cannot access(nor even ping) DMZ interface and other interface from Inside Host, mean while i can access the servers behind DMZ and other interfaces.</P><P></P><P>when i ping to DMZ interface i found the below msgs in logging.</P><P></P><P></P><P>Built inbound ICMP connection for faddr 192.168.10.33/512 gaddr 172.16.250.5/0 laddr 172.16.250.5/0</P><P>Details:</P><P>% ASA-6-302020: Built {in | out}bound ICMP connection for faddr {faddr | icmp_seq_num} gaddr {gaddr | cmp_type} laddr laddr</P><P>An ICMP session was established in the fast-path when stateful ICMP is enabled using the inspect icmp command.</P><P></P><P>Teardown ICMP connection for faddr 192.168.10.33/512 gaddr 172.16.250.5/0 laddr 172.16.250.5/0</P><P></P><P>details:</P><P>%ASA-6-302021: Teardown ICMP connection for faddr {faddr | icmp_seq_num} </P><P>gaddr {gaddr | cmp_type} laddr laddr</P><P>An ICMP session was removed in the fast-path when stateful ICMP is enabled using the inspect icmp command.</P><P></P><P>i tried alot but couldnt get success.</P><P>please help!</P><P></P> Mon, 11 Mar 2019 14:54:48 GMT https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167288#M875966 zafar12233 2019-03-11T14:54:48Z https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167289#M875967 <HTML><HEAD></HEAD><BODY><P>A host residing on an interface can only ping its adjacnet ASA interface.It cannot ping the far end</P><P>interface of ASA. For example if you have a host on inside, this host can only ping the</P><P>inside interface of ASA and no other interface (eg: outside or dmz). Although the Hosts connected to "Far end interfaces" can be pinged, "Far end interface" cannot be pinged by a host . This is a security feature on ASA firewalls.</P><P></P><P>Syed Iftekhar Ahmed</P><P></P></BODY></HTML> Mon, 23 Feb 2009 08:09:38 GMT https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167289#M875967 Syed Iftekhar Ahmed 2009-02-23T08:09:38Z https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167290#M875968 <HTML><HEAD></HEAD><BODY><P>A host residing on an interface can only ping its adjacnet ASA interface.It cannot ping the far end</P><P>interface of ASA. For example if you have a host on inside, this host can only ping the</P><P>inside interface of ASA and no other interface (eg: outside or dmz). Although the Hosts connected to "Far end interfaces" can be pinged, "Far end interface" cannot be pinged by a host . This is a security feature on ASA firewalls.</P><P></P><P>Syed Iftekhar Ahmed</P><P></P></BODY></HTML> Mon, 23 Feb 2009 08:11:32 GMT https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167290#M875968 Syed Iftekhar Ahmed 2009-02-23T08:11:32Z https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167291#M875969 <HTML><HEAD></HEAD><BODY><P>Thank you So Much for your Reply Mr. Iftikhar,</P><P></P><P>I got your point, i sensed that too, but wasnt sure, once again thanks <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P>i have a question that this security feature is only available in ASA ver. 8.0(4) or its ASA feature regardless of ASA Version?</P><P></P><P>Thank you,</P><P>Zafar-</P></BODY></HTML> Mon, 23 Feb 2009 09:34:08 GMT https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167291#M875969 zafar12233 2009-02-23T09:34:08Z https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167292#M875970 <HTML><HEAD></HEAD><BODY><P>Its there since PIX days.</P><P>Its exists for all ASA codes.</P><P></P><P>Syed Iftekhar Ahmed</P><P></P><P></P></BODY></HTML> Mon, 23 Feb 2009 09:50:57 GMT https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167292#M875970 Syed Iftekhar Ahmed 2009-02-23T09:50:57Z https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167293#M875971 <HTML><HEAD></HEAD><BODY><P>Thanks once again <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P></BODY></HTML> Mon, 23 Feb 2009 10:19:11 GMT https://community.cisco.com/t5/network-security/asa-5510-access-other-interface-problem/m-p/1167293#M875971 zafar12233 2009-02-23T10:19:11Z